<?php

namespace Admin\Controller;

use Think\Controller;

class LoginController extends Controller
{
    public function login(){
        $this->display();
    }

    public function dologin()
    {
    
        if (IS_POST) {

            $username=I('post.username');
            $password=I('post.password');
            $where['username']=$username;
            $where['password']=$password;

            //查找
            $arr = M('user')->where($where)->find();
            //判断
            if ($arr) {

                session('username', $username); //记录用户名
                session(C('USER_AUTH_KEY'), $arr['id']); //配置RBAC权限验证
                if ($_SESSION['username'] == C('RBAC_SUPERADMIN')) {
                    session(C('ADMIN_AUTH_KEY'), true);
                }
                //RBAC
                //import('ORG.Util.RBAC');
                $rbac = new \Org\Util\Rbac();
                $rbac->saveAccessList();

                // $this->redirect('Admin/Index/index');
                json('登录成功');
            } else {
                json('登录失败',1,'');
            }
        } 
    }

    //退出
    public function logout()
    {
        //清除session
        session(null);
        json('注销成功');
    }

    //清理缓存
    public function clear()
    {
        deldir(RUNTIME_PATH.'Cache');
        deldir(RUNTIME_PATH.'Data');
        deldir(RUNTIME_PATH.'Temp');
        json('清除成功！');
    }

    //修改密码
    public function editPassword(){
        $this->display();
    }
    public function editPasswordApi(){
        $password=I('post.password');
        $newPassword=I('post.newPassword');

        $username=session('username');
        $res=M('user')->where("username = '{$username}'")->find();
        if($password==$res['password']){
            $data['password']=$newPassword;
            M('user')->where("username = '{$username}'")->save($data);
            json('修改密码成功');
        }else{
            json('与当前密码不一致',1,'');
        }
        
    }

    
}
